Stay on Top of Enterprise Technology Trends
Get updates impacting your industry from our GigaOm Research Community
Four U.K. Lords have proposed amendments to an anti-terror bill that would revive much of the dormant Communications Data Bill, a.k.a the “Snooper’s Charter”.
In particular, the amendments would let British authorities force web and telecoms providers — even those outside the U.K. — not only to retain metadata on customers’ communications, but also to install equipment for “filtering” data. It looks like access to this data would not be subject to judicial oversight.
The Communications Data Bill is supposedly dead in the water during the current Parliament – the Conservatives’ Liberal Democrat coalition partners refuse to allow it – but the key elements are found in the amendments to the Counter-Terrorism and Security Bill, which is in its latter stages of development.
The amendments broadly describe a data retention regime, and much of their language seems to double up what can already be found in the recently rushed-through Data Retention and Investigatory Powers (DRIP) Act, a piece of “emergency” legislation designed to prop up British data retention after the EU banned its Europe-wide mandate. However, they also go significantly further.
More than data retention
DRIP actually expanded the authorities’ data retention powers, allowing them to demand that web communications providers around the world – Facebook and so on – also have to store metadata about Britons’ communications, as British telcos and email providers already had to before.
And even before the new amendments, the Counter-Terrorism and Security Bill already includes a modification to DRIP that would expand it again so these providers must regularly log IP address details for their British users.
The new amendments (PDF), put forth by Lords King, Blair, West and Carlisle on Wednesday, would also allow “filtering arrangements”, that would let authorities obtain and process “the data or data from which the data may be derived.” This filtering could involve the use of software and hardware, and the amendments also state that communications providers may be required to “acquire, use or maintain specific equipment or systems.” The British taxpayer would fund much of this.
The power to access this processed data would be granted to any designated senior officer of a relevant public authority as long as they believe it’s necessary for an investigation or specific operation or “the purposes of testing, maintaining or developing equipment, systems or other capabilities relating to the availability or obtaining of communications data,” and as long as it’s “proportionate to what is sought to be achieved.”
Déjà vu all over again
The Communications Data Bill also talked in ill-defined terms about filtering arrangements that may involve equipment. Civil liberties activists and security experts alike took this to mean the placing of hardware or software tools in communications providers’ facilities, allowing authorities to access various providers’ metadata databases through a search engine-like front end.
This was why the Lib Dems refused to allow the bill during the current Parliament, and Lib Dem Member of Parliament Julian Huppert is not happy about this week’s developments.
As well he should be. If there’s a significant difference between these amendments and the Communications Data Bill, it’s that they don’t provide for the judicial oversight that the Snooper’s Charter did.
The Lords who proposed the amendments include Ian Blair (former Metropolitan Police commissioner), Tom King (former secretary of defense), Alan West (former minister for security and counter-terrorism), and Alex Carlisle (former government anti-terror adviser).
The Counter-Terrorism and Security Bill will be subject to a second Lords committee meeting on Monday (the first was on Tuesday past), then another, then it will go to report stage, and then a third reading in the House of Lords. After that, the two houses of Parliament will consider each other’s amendments. In other words, there are still some opportunities to take this stuff out, though few votes as such.
It should also be noted that, like the DRIP Act, these amendments would expire at the end of 2016, by which time the government hopes to have created a new permanent surveillance law.
Nonetheless, the Open Rights Group has decried the sudden effective revival of the Communications Data Bill, arguing that the Lords “cannot have time to properly consider the bill”, and that the short notice “would deny the Commons the opportunity to consider the clauses as well.”
“Regardless of what you think about the amendments themselves, this is an attempt to insert a discredited bill into another bill at a very late stage in the parliamentary process,” Open Rights Group chief Jim Killock said in an emailed statement. “The Communications Data Bill was rejected first time round because of the threats it posed to our privacy and rights. It cannot be introduced without proper scrutiny and a public debate.”